<?php
	//权限控制 
/**
 * Login gate for CodeIgniter controllers.
 *
 * On construction the routed controller and method are captured; checkuser()
 * then decides whether an anonymous request may proceed.
 *
 * Security-relevant behaviour visible in this class:
 *  - Only "is the user logged in" is enforced. The per-action authorization
 *    branch in checkuser() is commented out, so this class places no
 *    restriction on what a logged-in user may call.
 *  - Every controller named in $nologin skips the login check for ALL of its
 *    methods; those controllers must authenticate sensitive actions themselves.
 */
class Permition{

	/** CodeIgniter super-object. */
	private $CI;

	/** Routed controller (feature module) of the current request. */
	private $url_model;

	/** Routed method of the current request. */
	private $url_method;

	/** Third URI segment with a leading slash, or null when there are at most two routed segments. */
	private $url_param;

	/** Map controller => methods that need no permission check (used by isAllowAction()). */
	private $allowAction;

	/** Controllers that can be reached without being logged in. */
	private $nologin;

	/**
	 * Loads the database and session library and records what was requested.
	 */
	public function __construct(){
		// Static policy tables.
		$this->allowAction = array(
			'account'=>array('index','login','logout'), // account login related actions
			'index'=>array('index','menu','adminborder') // admin home page
		);
		$this->nologin = array('common','account','home','api','uc');

		$this->CI = & get_instance();
		$ci = $this->CI;
		$ci->load->database();
		$ci->load->library('session');

		$this->url_model = $ci->router->fetch_class();
		$this->url_method = $ci->router->fetch_method();

		// NOTE(review): the count is taken from the routed segments while
		// slash_segment() reads the raw URI; the two differ when routes or
		// controller sub-directories are involved. Confirm slash_rsegment()
		// was not intended.
		$this->url_param = $ci->uri->total_rsegments() > 2
			? $ci->uri->slash_segment(3, 'leading')
			: null;
	}

	/**
	 * Enforces the login requirement for the current request.
	 *
	 * Logged-in users and requests to a $nologin controller pass through.
	 * Otherwise the requested location is remembered in the session, AJAX
	 * callers receive {"error":"nologin"} and the script exits, and all
	 * other callers are handed to showMessage().
	 */
	public function checkuser(){
		$this->CI->load->model('user_model');

		if($this->CI->user_model->islogin()){
			// The front end currently has no permission module, so the
			// per-action check below is disabled: being logged in is enough.
			// NOTE(review): if this is re-enabled, compare with !== and make
			// sure $user_action is an array first; under the loose != a
			// non-string session value such as boolean true is treated as
			// 'all_allow'.
			/*
			$url_string = $this->url_model."/".$this->url_method;

			// Actions needed while the system starts up (account login, admin main panel, ...) skip the check.
			if(!$this->isAllowAction()){
				$user_action = $this->CI->session->userdata('actions');

				// 'all_allow' marks the super-permission.
				if( $user_action != 'all_allow' AND !in_array($url_string,$user_action)){
					showMessage('没有操作权限!',0,'warning');
				}
			}
			*/
			return;
		}

		// Account login and modules loaded at start-up are excluded to avoid
		// a redirect loop or an initialization error.
		if(in_array($this->url_model,$this->nologin)){
			return;
		}

		// Remember where the visitor was heading.
		// NOTE(review): url_param originates from the request URI; whatever
		// consumes 'backurl' should treat it as a site-relative path only.
		set_session('crefresh','account');
		$backurl = $this->url_model."/".$this->url_method.$this->url_param;
		set_session('backurl',$backurl);

		// AJAX callers get a machine-readable answer and the request stops here.
		if($this->CI->input->is_ajax_request()){
			echo json_encode(array('error'=>'nologin'));
			exit;
		}

		// NOTE(review): unlike the AJAX branch there is no exit here, so the
		// gate relies on showMessage() ending the request. Its definition is
		// not visible from this file; confirm it, otherwise the protected
		// controller action would still run for an anonymous visitor.
		showMessage('请登录!',array('登陆'=>'account'));
	}

	/**
	 * Tells whether the current controller/method pair is listed in
	 * $allowAction, i.e. needs no permission check.
	 *
	 * @return bool true when both the controller and the method are listed.
	 */
	public function isAllowAction(){
		return array_key_exists($this->url_model,$this->allowAction)
			&& in_array($this->url_method,$this->allowAction[$this->url_model]);
	}

}
?>